self-signed SSL seen as "unprotected" or "insecure"
-
xennex last edited by
When using a site with a self-signed certificate, Opera will insist that your connection is NOT secure just because the certificate can't be trusted, even if you said "go ahead anyway". It also does NOT show any "https" in the address bar.
For these reasons it is almost impossible to know if you are using an SSL connection. Yes, when you click on the globe icon it tells you there is a certificate; that is the only indication. This is really bad.
Only after: exporting the certificate; then importing it as a "basic authority", and then RESTARTING Opera, will Opera claim that the connection is safe. This is just ridiculous.
It should be known that at least your connection is secure because it is encrypted. Even if you can't know the authenticity and identity of the website you are dealing with - who tells you don't? - at least you are protected against eavesdroppers. Opera should show an indication that you are using an SSL connection (for example, by allowing me to see the https/http).
-
lando242 last edited by
It should be known that at least your connection is secure because it is encrypted.
Incorrect. If you can't verify the certificate you can't be sure the system on the other end is the real end of the line or a middle man grabbing your traffic. That's the whole problem and why these crappy certificates are listed as insecure.
Opera should show an indication that you are using an SSL connection (for example, by allowing me to see the https/http).
But Opera can't tell that it's fully encrypted end to end because the cert is garbage. If the cert is garbage the connection is suspect. What's the point of having some tin star security badge displayed if it's so easy to bypass it it's worthless? Opera isn't Internet Explorer. It's not just going to rubber stamp something so you feel good about it.
-
xennex last edited by
This is the post that follows the post that is being held in moderation, just in case:
Every person knows this, that uses SSH. Life would become impossible if every freaking host required some Official Party to sign his or her certificate. You could not do any random or hobby things anymore.
SSH clients could, you know. They could. They could simply refuse to connect. But that would not last long given the general open-source nature of those clients. People would object, entirely and effectively.
Maybe you need to learn a thing or two.
An SSH connection is no different from an SSL connection.
It uses public/private key pairs to encrypt the connection. In general, that's the same.
Furthermore, there are now millions of hosts that do not provide any form of personal log-in, but still use SSL to serve ads and the like. Virtually everything is hidden behind SSL now. That is why my proxy breaks it up, so it can still harvest those images for caching purposes.
There is more to the web than only the "public, High profile web". Sure, if Facebook presents an invalid or untrusted certificate, sure. I will raise my eyes and my eyebrows. But invalidity is not the same as untrustiness and Opera provides No information WHATSOEVER as to WHY the certificate is invalid.
It just says "invalid". Blunt. Non-informative. Because if it gave information, it would provide power to the people and put them in positions of power, and it doesn't want that, it wants to patronize and intrude. On the lives of people using it. For political correctness, yes. And all that.
Opera's message is not educational and not informative. It falls short of these marks. Obviously that is the same with Chrome probably, I haven't installed it yet here.
Installing Chrome is a bit harder on Linux.
So it does not empower people, and it does not empower them to make their own choices, nor does it even allow them to. It decides to be the gatekeeper when no one asked it to. It does not respect the user's wishes and is just a plain bad program in that sense.
It's supposed to be a tool, but now the user is the tool of the browser. Doing what IT wants.
General eavesdropping is much more common than man-in-the-middle attacks and SSL certificates that are not signed by "official authority" provide just that: protection against that.
So saying that the connection is not protected (against the most common threats) is a plain misinforming non-truth. You can call it a falsehood.
Or even a lie.
They are not garbage, you are garbage for saying these things. The whole of the SSH world uses these things to connect to each other, only high-profile uses would provide server public keys in advance. Software repositories, the ones that are not overly official, require you to trust the certificate that is presented. In a billion to one cases, that will be fine. Whoever thinks to impersonate a file-hosting service providing packages for a Linux system? We are not talking about high-profile security here, and neither are most web-uses.
The number of thrown warnings compared to the number of real threats is just ridiculous. For every one real threat, a billion users will have been warned against false positives. Of course, given current circumstances. Because of the prevalence of these warnings, most users click continue anyway, and that is why "Opera" now forbids that choice. Because its own informational messages are so non-informational, people just habitually ignore it.
That is not a problem with the user, that is a problem with the browser and the choices it makes. That is the problem with the exaggeration of the security risks involved, and the vast blowing up of how important every single connection is, even if it is to a host serving ads. Opera (and other browsers, perhaps) indiscriminately treat ALL hosts as high-profile and high-security, when it is not true, it is nothing but. The biggest threat is not in connecting to a new host, but connecting to a known host that suddenly sees changes.
THAT is where you can alert people. Everything else is nonsense.
Any NEW connection to an as yet UNKNOWN host runs NO risk of being subject to treachery because on a NEW host (given no domain name spoofing) you won't have any account sitting there or personal information being transferred there that is any important.
This is so blown up. It does not cater to the real security needs of users and provides so many false positives for threats and attacks, that they become absolutely worthless. Users are not educated in the slightest and overstimulated with nonsensical scary tactics that make them unable to discern what is happening when.
So apparently, Opera and others have decided to give users no freedom whatsoever at all, as if that is the solution. It is not. It is the problem.
Users can decide for themselves if they are well-educated and they are not well-educated with messages such as these and the incidence (vast number of them) that are being presented to them in low-risk situations.
It's the same with anti-viruses, people (companies) such as Microsoft and other vendors that have a stake in selling more software, present viruses as extremely high risk when they are not. "Your system is unprotected." F off, I haven't had a virus in 20 years and I have never used anti-virus in that time. Except on occasion to verify and there was never anything wrong. I won't have AV dragging down my system, but that's me. And because of the way that this is being tackled "you have to be protected by someone else" users never learn, because they are not given the opportunity to do so.
Even my father is scared of viruses and he has never used a computer.
-
xennex last edited by
Also, Opera says:
You attempted to reach www.google.nl, but the server presented an invalid certificate.
You cannot proceed because the website operator has requested heightened security for this domain.
But if the connection source is not trusted, how can Opera know that the website operator has requested "heightened security" for that domain?
Is that a DNS thing?
I can't find any information on it.
-
xennex last edited by
At this point it is messing with my connection when I don't want it to. Who promoted it to be the safekeeper of all my internet? If I had the sources and the compilation environment, I would turn it off. This site is my own site and it is my own certificate. It is just plain intrusive and patronizing that it decides to know better than me, when it is my computer and I am free to do with it as I like.
Next you know you get browsers that won't connect to porn sites because it's immoral.
Or Opera that won't let you visit Mozilla.org because it's competition.
Get rid of that madness.
When you get the certificate error it hardly provides any information until you click on the globe, then it says the connection is "Not protected" and then just says that the certificate is not trusted. The whole idea of trusted certificates is madness anyway because it says the government is to be trusted, when it's not. But regardless, this is my connection and I am to do with it what I want. I value freedom, and power, and apparently Opera doesn't want users to have that.
All the while I know for a fact that the certificate is my own (let's say I am 99.9999999999999999999999999999999999999999999999% certain) but here is another problem.
I just generated another certificate using a common method on Debian OS, that is recommended everywhere. Or at least reported. The certificate is imported into Opera as a root certificate and Squid uses it to generate fake certificates based on websites that have real ones. Squid is capable of checking the trustworthiness if I want to; I am just delegating some task to Opera in the sense that it has to 'trust' my fake certificate and my self-signed root certificate provider for that fake certificate.
However, it fails because it says the certificate (that it is presented in the end) is invalid.
I have no clue as to why it would be invalid. The Squid version is a bit older (3.4) but Firefox accepts the certificate no problems. The version I have installed on Windows (a slight tad older) also accepts it. I am now speaking of a Linux client (version 31.0.1889.174) and this version won't accept the certificate, but I can't be sure because the version of Squid I have on Windows is 3.5.
But the main problem is that Opera doesn't even present you a choice (in case of the untrusted certificate). It just cancels the connection. Period. It does not allow you to add an exception, as if its opinion on your computer is more important than your own.
It does not allow you to download the certificate and install it on your own. It doesn't allow anything. It is just plain obnoxious and plain intrusive.
It's like an intruder on my computer, and then it presents safety?
If you intrude on someone's life, you cannot go and claim to be a protector. You meddle with someone's life in order to prevent another from meddling with his/her life? Doesn't that make you the crook?
It's hypocrisy, that's what it is.
All the while Opera doesn't display the name of the signer in the address bar like some browsers do.
That means that if I have a "valid" (VeriSign, whatever) signed certificate, and my site impersonates another site, Opera will accept it without cause or complaint and tell me my connection is secure.
There are always or there have been exploits to fake the url in someone's browser, and there may be a DNS spoofing attempt (such as when using a public hotspot). Any hacker giving me free wifi can present me a fake website that looks just like the real one and Opera will not give any problems.
Actually normally that only happens when you get redirected to a different domain. The domain has to match the certificate. Regardless. It is generally providing a sense of false safety.
It is also providing and promoting a sense of false insecurity, and people are habitually trained to feel insecure. A general computer user -- because of the lack of knowledge, and information presented, regardless -- cannot interpret the certificate error message.
Many users run into certificate errors plainly because (due to some reason) their computer clock is set wrong. "You may not continue" then spells disaster, and their computer is working against them instead of for them.
The same crap happens with Java recently. Using Java in web applications/applets has become virtually and practically impossible. Not that it was ever a nice technology, but some sites still use it and I cannot use them anymore.
Browsers f up too much.
I just wish there was a --no-check-certificate option like in wget.
The browser's role is to inform, not to enforce. And informing it does very badly. If it did, it would say something like:
"Opera cannot verify the source of your connection. That means the certificate was not signed by a trusted authority. The certificate is self-signed, and presented as follows:
<information>
If this is a high-profile website, you can be certain that the certificate would ordinarily be signed by a trusted-authority, and you should not continue. However, many people use self-signed certificates for their own purposes, because even though the end-point can not be verified against a real attacker, the connection is still encrypted and protected against general eaves-dropping."
So you are plain wrong that the certificate is garbage. It provides a function, namely making it extremely hard for general observers such as ISPs and governmental agencies, or even !!! Tor endpoints from reading your plain-text data.
Anyone wanting to perform data mining on these connections would have to generate on-the-fly fake certificates for every certificate that comes along prompting the security warning for every single site visited; a sure sign that something is amiss. This is not a form of data mining that can take place in reality as it stands.
Man in the middle attacks are extremely rare. They require a hacker being in the position to hijack your connection; ordinarily this only happens with wifi access, because it is so inherently insecure. It can be done by a proxy server; it can be done by an ISP, it can be done by agencies or agents that have access to important routers. It can be done if your DNS is getting spoofed. On the other hand, connection monitoring is extremely common.
When you connect to an unknown host via SSH, it will say "You're connecting to a new host we don't know, are you sure you want to continue?" And when you say yes, it will add the server's public key to your store of authorized_hosts. Actually the file on Linux is called known_hosts. Then, should the host change, you would get another warning, which would indicate that something is amiss. It would be completely self-defeating if every ssh client would start issuing unverifiable certificate errors.
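The known_hosts behaviour described in the post above, applied to TLS certificates, as an added example that is not part of the thread and is not Opera's or OpenSSH's code. The `PinStore` class, its file format, the host name and the certificate bytes are all constructed for illustration; the last case in `demo()` shows the first-contact gap raised in the earlier reply about unverifiable certificates.

```python
import hashlib
import hmac


def fingerprint(der: bytes) -> str:
    """SHA-256 of the certificate's DER encoding, as lowercase hex."""
    return hashlib.sha256(der).hexdigest()


class PinStore:
    """known_hosts-style store: one 'host:port sha256:<hex>' line per endpoint."""
    def __init__(self, text: str = ""):
        self.pins = {}
        for line in text.splitlines():
            line = line.strip()
            if not line or line.startswith("#"):
                continue
            endpoint, _, pin = line.partition(" ")
            self.pins[endpoint.lower()] = pin.split(":", 1)[-1].lower()

    def check(self, host: str, port: int, der: bytes, accept_new: bool = False) -> str:
        key = f"{host.lower()}:{port}"
        seen = fingerprint(der)
        pinned = self.pins.get(key)
        if pinned is None:
            if accept_new:          # the "are you sure you want to continue?" step
                self.pins[key] = seen
            return "NEW"            # nothing to compare against: no assurance yet
        if hmac.compare_digest(pinned, seen):
            return "MATCH"
        return "CHANGED"            # never overwritten silently; caller must refuse

    def dump(self) -> str:
        return "\n".join(f"{k} sha256:{v}" for k, v in sorted(self.pins.items()))


def demo() -> list:
    # Constructed placeholder bytes standing in for DER-encoded certificates.
    own_cert = b"constructed: my self-signed certificate"
    other_cert = b"constructed: certificate minted by an intercepting proxy"
    store = PinStore()
    results = [
        store.check("myhost.example", 443, own_cert, accept_new=True),  # first visit
        store.check("myhost.example", 443, own_cert),                   # later visit
        store.check("myhost.example", 443, other_cert),                 # key changed
    ]
    # A client that first connects through the interceptor pins the wrong key.
    results.append(PinStore().check("myhost.example", 443, other_cert, accept_new=True))
    return results
```

Against a live endpoint, the DER bytes can be obtained with `ssl.PEM_cert_to_DER_cert(ssl.get_server_certificate((host, port)))`, which fetches the certificate without validating it against any CA.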